Information security processes and controls are often not considered as part of the well-established change and configuration management frameworks. Organisations build secure technological infrastructures and conduct penetration testing to identify vulnerabilities, but there is often no ongoing security maintenance leading to security failures. These failures can be put down to a number of inherent issues:
Increased security concerns have a direct consequence on the number of changes (i.e. patch installations to remediate vulnerabilities, configuration changes to block attacks, etc.) requested. Often these changes are planned, driven by security or compliance requirements, the introduction of advanced technologies or other requirements, but sometimes the changes are driven by urgency when systems/applications/networks are under attack.
CMA will work with organisations to develop a comprehensive and effective security change management program.
"I would recommend Cyber Management Alliance’s tabletop workshops to anyone genuinely interested in being on top of their cyber incident response strategies. The format and style of conducting the entire workshop is what I found a lot of value in. Most importantly, the scenarios on which the workshop was based were relevant to the business, making the exercise a great investment of time and resources."
Chief Information Officer - Director - Investment Management, London
"The CCTE and corresponding audit conducted by Cyber Management Alliance Ltd was expertly delivered and has given us insights to reinforce our cyber strategy by continuing to help build the picture of where we were, where we are now and our next focussed steps. We will be engaging CM-Alliance on an annual basis."
Strategic Technology Leader
Aster Group UK
"Amar is a unique individual, able to look at the minute detail of a security issue whilst holding onto a commercially aware "bigger picture". His largest impact was the design, procurement and implementation of a new firewall solution for the Trust which was a remarkably smooth project."
Tony Ball
Royal Berkshire NHS Foundation Trus
"I worked with Amar on a complex requirement that he was trying to fulfil. He is a proficient communicator and was able to dissect the request down into smaller, measurable pieces of work."
Senior IT Security Consultant
"Amar brings a unique mix of business strategy, technical and managerial experience. He is a thought leader on a large number of cyber related topics including response planning in event of a major cyber incident, responding to cyber attacks, training for senior executives and setting the correct agenda at board level."
CITI BANK
"Amar is marvelous in his knowledge and experience on cyber security and data protection. He comes with a vast experience and knowledge bank. I have not seen many professionals like him in the industry, as he has a deep technical understanding and a very good commercial and business focused mindset."
Head-Business Operations @ Enterprise Security Risk Managment
TATA CONSULTANCY SERVICES
"Amar is a knowledge leader in the domain of IT Security, Privacy, GRC and I have benefitted from his Cyber Business Executive Programme at Shrivenham, U.K. Now it is a life long connection and an opportunity to discuss Cyber with a reliable friend as and when I need."
TATA CONSULTANCY SERVICE
"I've enjoyed sharing information with Amar, meeting over coffee's to discuss emerging trends in Cyber and learning about the challenges faced by a CISO within a large organisation. I continue to look forward to Amars publications on Information Security and find him a very interesting person to work with."
News International
"Amar is unique; A great person with a very creative and fresh approach to information security & risk management. He is very experienced professional, a very good influencer and finds always the right way to communicate."
Cyberr Security Manager KPMG
"Amar was a keynote speaker as well as a panelist on the Hackers versus CISOs debate at the 2012 Global CISO Forum. He brought a lot of expertise and insight to the event and was a major contributor to the overall success. He was great to work with and extremely generous with his time and knowledge."
EC-Council
"Amar was a keynote speaker as well as a panelist on the Hackers versus CISOs debate at the 2012 Global CISO Forum. He brought a lot of expertise and insight to the event and was a major contributor to the overall success. He was great to work with and extremely generous with his time and knowledge."
EC-Council
"Amar is unique; A thorough professional he is both technically sound and experienced in engaging and winning over executive leadership and has the acumen to drive the Information Security message throughout the organisation."
Manager, Solutions Architecture
"I like Amar's unique and fresh approach to information security & risk management. Very business-like with a constant focus on practical Information security I am greatly impressed with the way he deals with all level of management including Senior C level executives to the super techies and of course us project managers. A true professional in every sense."
Senior Project Manager at National Grid
Atos International
